12 factor (cloud native) apps for spring developers

SPRINGONE2GX WASHINGTON, DC

Unless otherwise indicated, these sl ides are © 2013-2015 Pivotal Software, Inc. and l icensed under a Creat ive Commons Attr ibut ion-NonCommercial l icense: ht tp: / /creat ivecommons.org/ l icenses/by-nc/3.0/

12 Factor (Cloud Native) Apps for Spring Developers

By Cornelia Davis & Josh Kruck @cdavisafc & @krujos


Cloud Native Applications “developed specifically for cloud platforms”

highly scalable

mobile

agile

run in containers

microservices

designed for failure

what’s a cloud platform?

seems right

not always, but okay

definitely

implementation detail

probably

without question

Unless otherwise indicated, these sl ides are © 2013-2015 Pivotal Software, Inc. and l icensed under a Creat ive Commons Attr ibut ion-NonCommercial l icense: ht tp: / /creat ivecommons.org/ l icenses/by-nc/3.0/ 3

http://12factor.net/


One codebase tracked in revision control, many deploys Factor 1 – Codebase

1 Codebase = 1 App

Maybe?

Let’s look at some alternatives:

1 Codebase = * Apps

* Codebase = 1 App


Or, 1 Codebase = what should be * Apps 1 Codebase = * Apps

Relational Database

Data Access

Service

HTML JavaScript MVC

Service

Monolithic Application Browser

… But is something we can migrate from


Migrating the Monolith Prerequisites •  Adequate test coverage •  Pipelines •  Sane build environment Choose a business function •  Simple & bounded •  Value in extraction Extract it •  New repo & implement service •  Use spring boot Connect it •  Connect to existing app via proxy

http://blog.pivotal.io/pivotal-cloud-foundry/case-studies/case-study-refactoring-a-monolith-into-a-cloud-native-app-part-1


For clarification: 1 Codebase = 1 Process * Codebase = 1 App?

Let’s look at a scenario…

Suspend disbelief for a moment…

… but 2 codebases means (possibly) 2 teams

… and 2 teams necessitates APIs!!!!!


One codebase tracked in revision control, many deploys Factor 1 – Codebase

1 Codebase = 1 App

?

Probably


How your microservices will communicate Factor 15 – API First

Design Develop Version Discover

http://www.api-first.com/


Explicitly Declare and Isolate dependencies

Factor 2 – Dependencies

Goal: Developer to avoid dependency hell

While I know this is a developer conference… … your apps will

(hopefully)

be operated (by you)

in production

+ Repeatable deployments


Let’s take a little detour for a moment…


Strictly Separate Stages Factor 5 – Design, Build, Release, Run

Stage Who? What? Why not n & n+1? Design Dev Spring/Spring Boot,

Gradle, Maven Developer best understands the dependencies

Build CI .war or .jar One build, many deploys Anti – “it works on my machine”

Release Platform Droplet, Docker Image

Agile deployments, Upgrades, Rollbacks

Run Platform Container + process

Speed


The Deployment Pipeline

Commit Tests

Integration Tests

Deployable Artifact

Deploy to CF Test Env

Deploy to Prod

• Developer crafted (before impl.) • Stubs/mocks external services • Developer executed (before commit) • CI executed (after commit)

(after commit) • Developer or QA crafted • CI executed • Runtime context (buildpack applied) • Binds to test services (DB, messaging, etc.)

•  “cf push” • Runtime context (buildpack applied) • Binds to test services (DB, messaging, etc.) • Periodic smoke tests

•  “cf push” • Runtime context (buildpack applied) • Binds to prod services (DB,

messaging, etc.) • Periodic smoke tests • Monitoring

? ?


Now, coming back to Dependencies…


Remember, its about Repeatable Deployments

so nothing about the runtime environment should be assumed. Explicitly declare dependencies!


Is the runtime provided by the Developer

or the Platform?


Let’s look at some

CODE (finally)


PCF – Each Layer Upgradable with Zero Downtime

* How much provided by dev and how much by platform?

runtime layer*

OS image

application layer

linux host & kernel

App container

PCF Supported

Dev Supported

• Platform Provided • CVEs addressed by Pivotal • Canary-style, zero-

downtime upgrades

• Platform or Developer Provided

• CVEs addressed by Pivotal (for Platform Provided)

• Blue/Green deployments

• Developer/App team provided

• Blue/Green deployments


Spring Boot – embedded runtime ... apply plugin: 'java’ apply plugin: 'spring-boot’ ... jar { baseName = 'twelvefactor' version = '0.1.0' } ... dependencies { compile("org.springframework.boot:spring-boot-starter-web") { exclude module: "spring-boot-starter-tomcat" } compile("org.springframework.boot:spring-boot-starter-jetty") ...


Spring Boot – external runtime

... //apply plugin: 'spring-boot’ apply plugin: 'war' apply plugin: 'io.spring.dependency-management' war { baseName = 'twelvefactor' version = '0.1.0' } ... dependencies { compile("org.springframework.boot:spring-boot-starter-web") providedRuntime("org.springframework.boot:spring-boot-starter-tomcat") ...

ß Omit as it brings embedded Tomcat


Store the Config in the Environment Factor 3 – Config

What is Configuration?

�  Resource handles to databases and other backing services

�  Credentials to external sources (e.g. S3, Twitter, ...)

�  Per-deploy values (e.g. canonical hostname for deploy)

�  ANYTHING that’s likely to vary between deploys (dev, test, stage, prod)


Store the Config in the Environment Factor 3 – Config

Where NOT to store it:

�  In the CODE (Captain Obvious)

�  In PROPERTIES FILES (That’s code...)

�  In the BUILD (ONE build, MANY deploys)

�  In the APP SERVER (e.g. JNDI datasources)


Store it in the

Environment

Let’s have a look…


... import org.springframework.context.EnvironmentAware; import org.springframework.core.env.Environment; @RestController public class HelloController implements EnvironmentAware {

private String name;

@Override public void setEnvironment(Environment environment) { this.name = environment.getProperty("who"); }

...

Spring – Picking up Env Vars


Treat Logs as Event Streams Factor 11 – Logs

Log to stdout and stderr! the standard implemented by the platform

Let’s have a look…


logging: level: org.springframework: ${SPRING_LOG_LEVEL:INFO} hello: ${LOG_LEVEL:INFO}

In application.yml

Spring – Using ENV to config logging

BUT Use this property file ONLY as an (hierarchical) abstraction!

Store config in the environment!!


Maximize robustness with fast startup and graceful shutdown Factor 9 – Disposability:

You cannot… scale deploy release recover … fast if you cannot start fast!


Maximize robustness with fast startup and graceful shutdown Factor 9 – Disposability:

You cannot start if you did not shutdown gracefully!

Where did all my db connections go? Why are all my jobs locked? Uhh, that job was in progress?


Treat Backing Services as Attached Resources

Factor 4 – Backing services

Access services through a URL, never locally!

Store the Locator in the config (see F3) Resource locations can be changed

according to the fancy of the operator


Create an instance of a resource

cf create-service cleardb spark hellodb service plan service name


Attach the resource to our app

cf bind-service hello-app hellodb app service name


(declaratively) Attach the resource to our app

--- applications: - name: hello-spring-one memory: 1G path: build/libs/twelvefactor-0.1.0.jar random-route: true services: - hellodb <- The name of the service we depend on!


How do I consume that? (demo)


Our code builds with knowledge of a config entry named hellodb

Every release has a config entry named

hellodb

hellodb is fetched at runtime and provides URL & credentials for our resource


Factor 10 – Dev/prod parity

Keep development, staging And production as similar

as possible


WHY?


Cloud Native & 12 Factor apps are designed for

continuous deployment


Environment Parity Enables Speed

cmt cmt v201 cmt cmt cmt cmt v202 cmt … …

Prod

Acceptance

CI


Every Commit is a Candidate for Deployment

cmt v201 cmt cmt cmt cmt v202 cmt … …

Prod

Acceptance

CI


Every Commit is a Candidate for Deployment

cmt v201 cmt cmt cmt cmt v202 cmt … …

App

Platform CVE

Prod

Acceptance


Lean on a platform. It’s the same

because it’s the same.


demo


Run admin/management processes as one-off processes Factor 12 – Admin Processes

�  Admin / Management processes run against a release

�  The “should” run in an identical environment as the release.

�  They use the same codebase and config

�  They ship live with the code to avoid synch issues.

�  This one has a lot of rules, be pragmatic.


Export Services Via Port Bindings Factor 7 – Port Binding

�  Apps are deployed into containers

�  Multiple containers per host

�  Platform to handle port assignments and mappings

demo


Runner

NAT

Router

Runner

NAT

foo.com:80

192.168.200.27:61021 192.168.200.33:61021

10.254.0.71:61021 10.254.0.76:61001 10.254.0.89:61021 10.254.0.93:61018

… …


Execute the app as one or more stateless processes Factor 6 – Processes


Stateless apps allows the platform

to do all sorts of things for you demo


Scale out via the process model Factor 8 – Concurrency

Wor

kloa

d di

vers

ity

Scale (running processes)

hello hello

trader trader trader

enqueue

file xfer file xfer file xfer

trader trader

demo


But that’s not all… •  Factor 13 – Audit

•  Every app should be designed with audit in mind o  What versions running at what ports o  Event stream (start, stop, crash…)

•  Factor 14 – AuthN/AuthZ •  Every app should have RBAC applied

@jmckenty


Thank you!

50

Unless otherwise indicated, these sl ides are © 2013-2015 Pivotal Software, Inc. and l icensed under a Creat ive Commons Attr ibut ion-NonCommercial l icense: ht tp: / /creat ivecommons.org/ l icenses/by-nc/3.0/ 51

You can check all of this out: https://github.com/cdavisafc/twelvefactorapp

Other sessions: •  (10:30 W) Spring Boot for Devops (https://2015.event.springone2gx.com/schedule/sessions/spring_boot_for_devops.html) •  (2:30 W) Spring Cloud Services (https://2015.event.springone2gx.com/schedule/sessions/cloud_native_java_with_spring_cloud_services.html) •  Migrating the Monolith (https://2015.event.springone2gx.com/schedule/sessions/migrating_the_monolith.html)

Learn More. Stay Connected.

@springcentral Spring.io/video

@cdavisafc @krujos

12 factor (cloud native) apps for spring developers

Technology